1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
|
Changes with Unit 1.20.0 08 Oct 2020
*) Change: the PHP module is now initialized before chrooting; this
enables loading all extensions from the host system.
*) Change: AVIF and APNG image formats added to the default MIME type
list.
*) Feature: the Python module now fully supports applications that use
the ASGI 3.0 server interface.
*) Feature: the Python module now has a built-in WebSocket server
implementation for applications, compatible with the HTTP & WebSocket
ASGI Message Format 2.1 specification.
*) Feature: automatic mounting of an isolated "/tmp" file system into
chrooted application environments.
*) Feature: the $host variable contains a normalized "Host" request
value.
*) Feature: the "callable" option sets Python application callable
names.
*) Feature: compatibility with PHP 8 RC 1. Thanks to Remi Collet.
*) Feature: the "automount" option in the "isolation" object allows to
turn off the automatic mounting of language module dependencies.
*) Bugfix: "pass"-ing requests to upstreams from a route was broken; the
bug had appeared in 1.19.0. Thanks to 洪志道 (Hong Zhi Dao) for
discovering and fixing it.
*) Bugfix: the router process could crash during reconfiguration.
*) Bugfix: a memory leak occurring in the router process; the bug had
appeared in 1.18.0.
*) Bugfix: the "!" (non-empty) pattern was matched incorrectly; the bug
had appeared in 1.19.0.
*) Bugfix: fixed building on platforms without sendfile() support,
notably NetBSD; the bug had appeared in 1.16.0.
Changes with Unit 1.19.0 13 Aug 2020
*) Feature: reworked IPC between the router process and the applications
to lower latencies, increase performance, and improve scalability.
*) Feature: support for an arbitrary number of wildcards in route
matching patterns.
*) Feature: chunked transfer encoding in proxy responses.
*) Feature: basic variables support in the "pass" option.
*) Feature: compatibility with PHP 8 Beta 1. Thanks to Remi Collet.
*) Bugfix: the router process could crash while passing requests to an
application under high load.
*) Bugfix: a number of language modules failed to build on some systems;
the bug had appeared in 1.18.0.
*) Bugfix: time in error log messages from PHP applications could lag.
*) Bugfix: reconfiguration requests could hang if an application had
failed to start; the bug had appeared in 1.18.0.
*) Bugfix: memory leak during reconfiguration.
*) Bugfix: the daemon didn't start without language modules; the bug had
appeared in 1.18.0.
*) Bugfix: the router process could crash at exit.
*) Bugfix: Node.js applications could crash at exit.
*) Bugfix: the Ruby module could be linked against a wrong library
version.
Changes with Unit 1.18.0 28 May 2020
*) Feature: the "rootfs" isolation option for changing root filesystem
for an application.
*) Feature: multiple "targets" in PHP applications.
*) Feature: support for percent-encoding in the "uri" and "arguments"
matching options and in the "pass" option.
Changes with Unit 1.17.0 16 Apr 2020
*) Feature: a "return" action with optional "location" for immediate
responses and external redirection.
*) Feature: fractional weights support for upstream servers.
*) Bugfix: accidental 502 "Bad Gateway" errors might have occurred in
applications under high load.
*) Bugfix: memory leak in the router; the bug had appeared in 1.13.0.
*) Bugfix: segmentation fault might have occurred in the router process
when reaching open connections limit.
*) Bugfix: "close() failed (9: Bad file descriptor)" alerts might have
appeared in the log while processing large request bodies; the bug
had appeared in 1.16.0.
*) Bugfix: existing application processes didn't reopen the log file.
*) Bugfix: incompatibility with some Node.js applications.
*) Bugfix: broken build on DragonFly BSD; the bug had appeared in
1.16.0.
Changes with Unit 1.16.0 12 Mar 2020
*) Feature: basic load-balancing support with round-robin.
*) Feature: a "fallback" option that performs an alternative action if a
request can't be served from the "share" directory.
*) Feature: reduced memory consumption by dumping large request bodies
to disk.
*) Feature: stripping UTF-8 BOM and JavaScript-style comments from
uploaded JSON.
*) Bugfix: negative address matching in router might work improperly in
combination with non-negative patterns.
*) Bugfix: Java Spring applications failed to run; the bug had appeared
in 1.10.0.
*) Bugfix: PHP 7.4 was broken if it was built with thread safety
enabled.
*) Bugfix: compatibility issues with some Python applications.
Changes with Unit 1.15.0 06 Feb 2020
*) Change: extensions of dynamically requested PHP scripts were
restricted to ".php".
*) Feature: compatibility with Ruby 2.7.
*) Bugfix: segmentation fault might have occurred in the router process
with multiple application processes under load; the bug had appeared
in 1.14.0.
*) Bugfix: receiving request body over TLS connection might have
stalled.
Changes with Unit 1.14.0 26 Dec 2019
*) Change: the Go package import name changed to "unit.nginx.org/go".
*) Change: Go package now links to libunit instead of including library
sources.
*) Feature: ability to change user and group for isolated applications
when Unit daemon runs as an unprivileged user.
*) Feature: request routing by source and destination addresses and
ports.
*) Bugfix: memory bloat on large responses.
Changes with Unit 1.13.0 14 Nov 2019
*) Feature: basic support for HTTP reverse proxying.
*) Feature: compatibility with Python 3.8.
*) Bugfix: memory leak in Python application processes when the close
handler was used.
*) Bugfix: threads in Python applications might not work correctly.
*) Bugfix: Ruby on Rails applications might not work on Ruby 2.6.
*) Bugfix: backtraces for uncaught exceptions in Python 3 might be
logged with significant delays.
*) Bugfix: explicit setting a namespaces isolation option to false might
have enabled it.
Changes with Unit 1.12.0 03 Oct 2019
*) Feature: compatibility with PHP 7.4.
*) Bugfix: descriptors leak on process creation; the bug had appeared in
1.11.0.
*) Bugfix: TLS connection might be closed prematurely while sending
response.
*) Bugfix: segmentation fault might have occurred if an irregular file
was requested.
Changes with Unit 1.11.0 19 Sep 2019
*) Feature: basic support for serving static files.
*) Feature: isolation of application processes with Linux namespaces.
*) Feature: built-in WebSocket server implementation for Java Servlet
Containers.
*) Feature: direct addressing of API configuration options containing
slashes "/" using URI encoding (%2F).
*) Bugfix: segmentation fault might have occurred in Go applications
under high load.
*) Bugfix: WebSocket support was broken if Unit was built with some
linkers other than GNU ld (e.g. gold or LLD).
Changes with Unit 1.10.0 22 Aug 2019
*) Change: matching of cookies in routes made case sensitive.
*) Change: decreased log level of common errors when clients close
connections.
*) Change: removed the Perl module's "--include=" ./configure option.
*) Feature: built-in WebSocket server implementation for Node.js module.
*) Feature: splitting PATH_INFO from request URI in PHP module.
*) Feature: request routing by scheme (HTTP or HTTPS).
*) Feature: support for multipart requests body in Java module.
*) Feature: improved API compatibility with Node.js 11.10 or later.
*) Bugfix: reconfiguration failed if "listeners" or "applications"
objects were missing.
*) Bugfix: applying a large configuration might have failed.
Changes with Unit 1.9.0 30 May 2019
*) Feature: request routing by arguments, headers, and cookies.
*) Feature: route matching patterns allow a wildcard in the middle.
*) Feature: POST operation for appending elements to arrays in
configuration.
*) Feature: support for changing credentials using CAP_SETUID and
CAP_SETGID capabilities on Linux without running main process as
privileged user.
*) Bugfix: memory leak in the router process might have happened when a
client prematurely closed the connection.
*) Bugfix: applying a large configuration might have failed.
*) Bugfix: PUT and DELETE operations on array elements in configuration
did not work.
*) Bugfix: request schema in applications did not reflect TLS
connections.
*) Bugfix: restored compatibility with Node.js applications that use
ServerResponse._implicitHeader() function; the bug had appeared in
1.7.
*) Bugfix: various compatibility issues with Node.js applications.
Changes with Unit 1.8.0 01 Mar 2019
*) Change: now three numbers are always used for versioning: major,
minor, and patch versions.
*) Change: now QUERY_STRING is always defined even if the request does
not include the query component.
*) Feature: basic internal request routing by Host, URI, and method.
*) Feature: experimental support for Java Servlet Containers.
*) Bugfix: segmentation fault might have occurred in the router process.
*) Bugfix: various potential memory leaks.
*) Bugfix: TLS connections might have stalled.
*) Bugfix: some Perl applications might have failed to send the response
body.
*) Bugfix: some compilers with specific flags might have produced
non-functioning builds; the bug had appeared in 1.5.
*) Bugfix: Node.js package had wrong version number when installed from
sources.
Changes with Unit 1.7.1 07 Feb 2019
*) Security: a heap memory buffer overflow might have been caused in the
router process by a specially crafted request, potentially resulting
in a segmentation fault or other unspecified behavior
(CVE-2019-7401).
*) Bugfix: install of Go module failed without prior building of Unit
daemon; the bug had appeared in 1.7.
Changes with Unit 1.7 20 Dec 2018
*) Change: now rpath is set in Ruby module only if the library was not
found in default search paths; this allows to meet packaging
restrictions on some systems.
*) Bugfix: "disable_functions" and "disable_classes" PHP options set via
Control API did not work.
*) Bugfix: Promises on request data in Node.js were not triggered.
*) Bugfix: various compatibility issues with Node.js applications.
*) Bugfix: a segmentation fault occurred in Node.js module if
application tried to read request body after request.end() was
called.
*) Bugfix: a segmentation fault occurred in Node.js module if
application attempted to send header twice.
*) Bugfix: names of response header fields in Node.js module were
erroneously treated as case-sensitive.
*) Bugfix: uncatched exceptions in Node.js were not logged.
*) Bugfix: global install of Node.js module from sources was broken on
some systems; the bug had appeared in 1.6.
*) Bugfix: traceback for exceptions during initialization of Python
applications might not be logged.
*) Bugfix: PHP module build failed if PHP interpreter was built with
thread safety enabled.
Changes with Unit 1.6 15 Nov 2018
*) Change: "make install" now installs Node.js module as well if it was
configured.
*) Feature: "--local" ./configure option to install Node.js module
locally.
*) Bugfix: Node.js module might have crashed due to broken reference
counting.
*) Bugfix: asynchronous operations in Node.js might not have worked.
*) Bugfix: various compatibility issues with Node.js applications.
*) Bugfix: "freed pointer is out of pool" alerts might have appeared in
log.
*) Bugfix: module discovery did not work on 64-bit big-endian systems
like IBM/S390x.
Changes with Unit 1.5 25 Oct 2018
*) Change: the "type" of application object for Go was changed to
"external".
*) Feature: initial version of Node.js package with basic HTTP
request-response support.
*) Feature: compatibility with LibreSSL.
*) Feature: --libdir and --incdir ./configure options to install libunit
headers and static library.
*) Bugfix: connection might be closed prematurely while sending
response; the bug had appeared in 1.3.
*) Bugfix: application processes might have stopped handling requests,
producing "last message send failed: Resource temporarily
unavailable" alerts in log; the bug had appeared in 1.4.
*) Bugfix: Go applications did not work when Unit was built with musl C
library.
Changes with Unit 1.4 20 Sep 2018
*) Change: the control API maps the configuration object only at
"/config/".
*) Feature: TLS support for client connections.
*) Feature: TLS certificates storage control API.
*) Feature: Unit library (libunit) to streamline language module
integration.
*) Feature: "408 Request Timeout" responses while closing HTTP
keep-alive connections.
*) Feature: improvements in OpenBSD support. Thanks to David Carlier.
*) Bugfix: a segmentation fault might have occurred after
reconfiguration.
*) Bugfix: building on systems with non-default locale might be broken.
*) Bugfix: "header_read_timeout" might not work properly.
*) Bugfix: header fields values with non-ASCII bytes might be handled
incorrectly in Python 3 module.
Changes with Unit 1.3 13 Jul 2018
*) Change: UTF-8 characters are now allowed in request header field
values.
*) Feature: configuration of the request body size limit.
*) Feature: configuration of various HTTP connection timeouts.
*) Feature: Ruby module now automatically uses Bundler where possible.
*) Feature: http.Flusher interface in Go module.
*) Bugfix: various issues in HTTP connection errors handling.
*) Bugfix: requests with body data might be handled incorrectly in PHP
module.
*) Bugfix: individual PHP configuration options specified via control
API were reset to previous values after the first request in
application process.
Changes with Unit 1.2 07 Jun 2018
*) Feature: configuration of environment variables for application
processes.
*) Feature: customization of php.ini path.
*) Feature: setting of individual PHP configuration options.
*) Feature: configuration of execution arguments for Go applications.
*) Bugfix: keep-alive connections might hang after reconfiguration.
Changes with Unit 1.1 26 Apr 2018
*) Bugfix: Python applications that use the write() callable did not
work.
*) Bugfix: virtual environments created with Python 3.3 or above might
not have worked.
*) Bugfix: the request.Read() function in Go applications did not
produce EOF when the whole body was read.
*) Bugfix: a segmentation fault might have occurred while access log
reopening.
*) Bugfix: in parsing of IPv6 control socket addresses.
*) Bugfix: loading of application modules was broken on OpenBSD.
*) Bugfix: a segmentation fault might have occurred when there were two
modules with the same type and version; the bug had appeared in 1.0.
*) Bugfix: alerts "freed pointer points to non-freeble page" might have
appeared in log on 32-bit platforms.
Changes with Unit 1.0 12 Apr 2018
*) Change: configuration object moved into "/config/" path.
*) Feature: basic access logging.
*) Bugfix: 503 error occurred if Go application did not write response
header or body.
*) Bugfix: Ruby applications that use encoding conversions might not
have worked.
*) Bugfix: various stability issues.
Changes with Unit 0.7 22 Mar 2018
*) Feature: Ruby application module.
*) Bugfix: in discovering modules.
*) Bugfix: various race conditions on reconfiguration and during
shutting down.
*) Bugfix: tabs and trailing spaces were not allowed in header fields
values.
*) Bugfix: a segmentation fault occurred in Python module if
start_response() was called outside of WSGI callable.
*) Bugfix: a segmentation fault might have occurred in PHP module if
there was an error while initialization.
Changes with Unit 0.6 09 Feb 2018
*) Bugfix: the main process died when the "type" application option
contained version; the bug had appeared in 0.5.
Changes with Unit 0.5 08 Feb 2018
*) Change: the "workers" application option was removed, the "processes"
application option should be used instead.
*) Feature: the "processes" application option with prefork and dynamic
process management support.
*) Feature: Perl application module.
*) Bugfix: in reading client request body; the bug had appeared in 0.3.
*) Bugfix: some Python applications might not have worked due to missing
"wsgi.errors" environ variable.
*) Bugfix: HTTP chunked responses might be encoded incorrectly on 32-bit
platforms.
*) Bugfix: infinite looping in HTTP parser.
*) Bugfix: segmentation fault in router.
Changes with Unit 0.4 15 Jan 2018
*) Feature: compatibility with DragonFly BSD.
*) Feature: "configure php --lib-static" option.
*) Bugfix: HTTP request body was not passed to application; the bug had
appeared in 0.3.
*) Bugfix: HTTP large header buffers allocation and deallocation fixed;
the bug had appeared in 0.3.
*) Bugfix: some PHP applications might not have worked with relative
"root" path.
Changes with Unit 0.3 28 Dec 2017
*) Change: the Go package name changed to "nginx/unit".
*) Change: in the "limits.timeout" application option: application start
time and time in queue now are not accounted.
*) Feature: the "limits.requests" application option.
*) Feature: application request processing latency optimization.
*) Feature: HTTP keep-alive connections support.
*) Feature: the "home" Python virtual environment configuration option.
*) Feature: Python atexit hook support.
*) Feature: various Go package improvements.
*) Bugfix: various crashes fixed.
Changes with Unit 0.2 19 Oct 2017
*) Feature: configuration persistence.
*) Feature: improved handling of configuration errors.
*) Feature: application "timeout" property.
*) Bugfix: POST request for PHP were handled incorrectly.
*) Bugfix: the router exited abnormally if all listeners had been
deleted.
*) Bugfix: the router crashed under load.
*) Bugfix: memory leak in the router.
Changes with Unit 0.1 06 Sep 2017
*) First public release.
|